static function run_installer()
{
global $wpdb;
if (function_exists('is_multisite') && is_multisite()) {
// check if it is a network activation - if so, run the activation function for each blog id
if (isset($_GET['networkwide']) && $_GET['networkwide'] == 1) {
$old_blog = $wpdb->blogid;
// Get all blog ids
$blogids = $wpdb->get_col("SELECT blog_id FROM {$wpdb->blogs}");
foreach ($blogids as $blog_id) {
switch_to_blog($blog_id);
AIOWPSecurity_Installer::create_db_tables();
AIOWPSecurity_Configure_Settings::add_option_values();
}
AIOWPSecurity_Installer::create_db_backup_dir();
//Create a backup dir in the WP uploads directory
switch_to_blog($old_blog);
return;
}
}
AIOWPSecurity_Installer::create_db_tables();
AIOWPSecurity_Configure_Settings::add_option_values();
AIOWPSecurity_Installer::create_db_backup_dir();
//Create a backup dir in the WP uploads directory
AIOWPSecurity_Installer::miscellaneous_tasks();
}
static function run_deactivation_tasks()
{
global $wpdb;
global $aio_wp_security;
//Let's first save the current aio_wp_security_configs options in a temp option
update_option('aiowps_temp_configs', $aio_wp_security->configs->configs);
//Deactivate all firewall and other .htaccess rules
AIOWPSecurity_Configure_Settings::turn_off_all_firewall_rules();
}
static function turn_off_all_security_features()
{
AIOWPSecurity_Configure_Settings::set_default_settings();
}
static function turn_off_all_security_features()
{
global $aio_wp_security;
AIOWPSecurity_Configure_Settings::set_default_settings();
//Refresh the .htaccess file based on the new settings
$res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
if ($res == -1) {
$aio_wp_security->debug_logger->log_debug("AIOWPSecurity_Configure_Settings::turn_off_all_firewall_rules() - Could not write to the .htaccess file. Please check the file permissions.", 4);
}
}
function render_tab5()
{
global $aio_wp_security;
global $wpdb;
$events_table_name = AIOWPSEC_TBL_EVENTS;
AIOWPSecurity_Utility::cleanup_table($events_table_name, 500);
if (isset($_POST['aiowps_import_settings'])) {
$nonce = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce, 'aiowpsec-import-settings-nonce')) {
$aio_wp_security->debug_logger->log_debug("Nonce check failed on import AIOWPS settings!", 4);
die("Nonce check failed on import AIOWPS settings!");
}
if (empty($_POST['aiowps_import_settings_file']) && empty($_POST['aiowps_import_settings_text'])) {
$this->show_msg_error(__('Please choose a file to import your settings from.', 'aiowpsecurity'));
} else {
if (empty($_POST['aiowps_import_settings_file'])) {
$import_from = "text";
} else {
$import_from = "file";
}
if ($import_from == "file") {
//Let's get the uploaded import file path
$submitted_import_file_path = trim($_POST['aiowps_import_settings_file']);
$attachment_id = AIOWPSecurity_Utility_File::get_attachment_id_from_url($submitted_import_file_path);
//we'll need this later for deleting
//Verify that file chosen has valid AIOWPS settings contents
$aiowps_settings_file_contents = $this->check_if_valid_aiowps_settings_file($submitted_import_file_path);
} else {
//Get the string right from the textarea. Still confirm it's in the expected format.
$aiowps_settings_file_contents = $this->check_if_valid_aiowps_settings_text($_POST['aiowps_import_settings_text']);
}
if ($aiowps_settings_file_contents != -1) {
//Apply the settings and delete the file (if applicable)
$settings_array = json_decode($aiowps_settings_file_contents, true);
$aiowps_settings_applied = update_option('aio_wp_security_configs', $settings_array);
if (!$aiowps_settings_applied) {
//Failed to import settings
$aio_wp_security->debug_logger->log_debug("Import AIOWPS settings from " . $import_from . " operation failed!", 4);
$this->show_msg_error(__('Import AIOWPS settings from ' . $import_from . ' operation failed!', 'aiowpsecurity'));
if ($import_from == "file") {
//Delete the uploaded settings file for security purposes
wp_delete_attachment($attachment_id, true);
if (false === wp_delete_attachment($attachment_id, true)) {
$this->show_msg_error(__('The deletion of the import file failed. Please delete this file manually via the media menu for security purposes.', 'aiowpsecurity'));
} else {
$this->show_msg_updated(__('The file you uploaded was also deleted for security purposes because it contains security settings details.', 'aiowpsecurity'));
}
}
} else {
$aio_wp_security->configs->configs = $settings_array;
//Refresh the configs global variable
//Just in case user submits partial config settings
//Run add_option_values to make sure any missing config items are at least set to default
AIOWPSecurity_Configure_Settings::add_option_values();
if ($import_from == "file") {
//Delete the uploaded settings file for security purposes
wp_delete_attachment($attachment_id, true);
if (false === wp_delete_attachment($attachment_id, true)) {
$this->show_msg_updated(__('Your AIOWPS settings were successfully imported via file input.', 'aiowpsecurity'));
$this->show_msg_error(__('The deletion of the import file failed. Please delete this file manually via the media menu for security purposes because it contains security settings details.', 'aiowpsecurity'));
} else {
$this->show_msg_updated(__('Your AIOWPS settings were successfully imported. The file you uploaded was also deleted for security purposes because it contains security settings details.', 'aiowpsecurity'));
}
} else {
$this->show_msg_updated(__('Your AIOWPS settings were successfully imported via text entry.', 'aiowpsecurity'));
}
//Now let's refresh the .htaccess file with any modified rules if applicable
$res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
if ($res == -1) {
$this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
}
}
} else {
//Invalid settings file
$aio_wp_security->debug_logger->log_debug("The contents of your settings file appear invalid!", 4);
$this->show_msg_error(__('The contents of your settings file appear invalid. Please check the contents of the file you are trying to import settings from.', 'aiowpsecurity'));
if ($import_from == "file") {
//Let's also delete the uploaded settings file for security purposes
wp_delete_attachment($attachment_id, true);
if (false === wp_delete_attachment($attachment_id, true)) {
$this->show_msg_error(__('The deletion of the import file failed. Please delete this file manually via the media menu for security purposes.', 'aiowpsecurity'));
} else {
$this->show_msg_updated(__('The file you uploaded was also deleted for security purposes because it contains security settings details.', 'aiowpsecurity'));
}
}
}
}
}
?>
<h2><?php
_e('Export or Import Your AIOWPS Settings', 'aiowpsecurity');
?>
</h2>
<div class="aio_blue_box">
<?php
echo '<p>' . __('This section allows you to export or import your All In One WP Security & Firewall settings.', 'aiowpsecurity');
echo '<br />' . __('This can be handy if you wanted to save time by applying the settings from one site to another site.', 'aiowpsecurity') . '
<br />' . __('NOTE: Before importing, it is your responsibility to know what settings you are trying to import. Importing settings blindly can cause you to be locked out of your site.', 'aiowpsecurity') . '
<br />' . __('For Example: If a settings item relies on the domain URL then it may not work correctly when imported into a site with a different domain.', 'aiowpsecurity') . '
</p>';
?>
</div>
<div class="postbox">
<h3><label for="title"><?php
_e('Export AIOWPS Settings', 'aiowpsecurity');
?>
</label></h3>
<div class="inside">
<form action="" method="POST">
<?php
wp_nonce_field('aiowpsec-export-settings-nonce');
?>
<table class="form-table">
<tr valign="top">
<span class="description"><?php
_e('To export your All In One WP Security & Firewall settings click the button below.', 'aiowpsecurity');
?>
</span>
</tr>
</table>
<input type="submit" name="aiowps_export_settings" value="<?php
_e('Export AIOWPS Settings', 'aiowpsecurity');
?>
" class="button-primary" />
</form>
</div></div>
<div class="postbox">
<h3><label for="title"><?php
_e('Import AIOWPS Settings', 'aiowpsecurity');
?>
</label></h3>
<div class="inside">
<form action="" method="POST">
<?php
wp_nonce_field('aiowpsec-import-settings-nonce');
?>
<table class="form-table">
<tr valign="top">
<span class="description"><?php
_e('Use this section to import your All In One WP Security & Firewall settings from a file. Alternatively, copy/paste the contents of your import file into the textarea below.', 'aiowpsecurity');
?>
</span>
<th scope="row"><?php
_e('Import File', 'aiowpsecurity');
?>
:</th>
<td>
<input type="button" id="aiowps_import_settings_file_button" name="aiowps_import_settings_file_button" class="button rbutton" value="Select Your Import Settings File" />
<input name="aiowps_import_settings_file" type="text" id="aiowps_import_settings_file" value="" size="80" />
<p class="description">
<?php
_e('After selecting your file, click the button below to apply the settings to your site.', 'aiowpsecurity');
?>
</p>
</td>
</tr>
<tr valign="top">
<th scope="row"><?php
_e('Copy/Paste Import Data', 'aiowpsecurity');
?>
:</th>
<td>
<textarea name="aiowps_import_settings_text" id="aiowps_import_settings_text" style="width:80%;height:140px;"></textarea>
</td>
</tr>
</table>
<input type="submit" name="aiowps_import_settings" value="<?php
_e('Import AIOWPS Settings', 'aiowpsecurity');
?>
" class="button-primary" />
</form>
</div></div>
<?php
}
function render_tab1()
{
global $aio_wp_security;
if (isset($_POST['aiowpsec_disable_all_features'])) {
$nonce = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce, 'aiowpsec-disable-all-features')) {
$aio_wp_security->debug_logger->log_debug("Nonce check failed on disable all security features!", 4);
die("Nonce check failed on disable all security features!");
}
AIOWPSecurity_Configure_Settings::turn_off_all_security_features();
//Now let's clear the applicable rules from the .htaccess file
$res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
//Now let's revert the disable editing setting in the wp-config.php file if necessary
$res2 = AIOWPSecurity_Utility::enable_file_edits();
if ($res) {
$this->show_msg_updated(__('All the security features have been disabled successfully!', 'aiowpsecurity'));
} else {
if ($res == -1) {
$this->show_msg_error(__('Could not write to the .htaccess file. Please restore your .htaccess file manually using the restore functionality in the ".htaccess File".', 'aiowpsecurity'));
}
}
if (!$res2) {
$this->show_msg_error(__('Could not write to the wp-config.php. Please restore your wp-config.php file manually using the restore functionality in the "wp-config.php File".', 'aiowpsecurity'));
}
}
if (isset($_POST['aiowpsec_disable_all_firewall_rules'])) {
$nonce = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce, 'aiowpsec-disable-all-firewall-rules')) {
$aio_wp_security->debug_logger->log_debug("Nonce check failed on disable all firewall rules!", 4);
die("Nonce check failed on disable all firewall rules!");
}
AIOWPSecurity_Configure_Settings::turn_off_all_firewall_rules();
//Now let's clear the applicable rules from the .htaccess file
$res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
if ($res) {
$this->show_msg_updated(__('All firewall rules have been disabled successfully!', 'aiowpsecurity'));
} else {
if ($res == -1) {
$this->show_msg_error(__('Could not write to the .htaccess file. Please restore your .htaccess file manually using the restore functionality in the ".htaccess File".', 'aiowpsecurity'));
}
}
}
?>
<div class="aio_grey_box">
<p>For information, updates and documentation, please visit the <a href="http://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin" target="_blank">AIO WP Security & Firewall Plugin</a> Page.</p>
<p><a href="http://www.tipsandtricks-hq.com/development-center" target="_blank">Follow us</a> on Twitter, Google+ or via Email to stay upto date about the new security features of this plugin.</p>
</div>
<div class="postbox">
<h3><label for="title"><?php
_e('WP Security Plugin', 'aiowpsecurity');
?>
</label></h3>
<div class="inside">
<p><?php
_e('Thank you for using our WordPress security plugin. There are a lot of security features in this plugin.', 'aiowpsecurity');
?>
</p>
<p><?php
_e('Go through each menu items and enable the security options to add more security to your site. Start by activating the basic features first.', 'aiowpsecurity');
?>
</p>
<p><?php
_e('It is a good practice to take a backup of your .htaccess file, database and wp-config.php file before activating the security features. This plugin has options that you can use to backup those resources easily.', 'aiowpsecurity');
?>
</p>
<p>
<ul class="aiowps_admin_ul_grp1">
<li><a href="admin.php?page=aiowpsec_database&tab=tab2" target="_blank"><?php
_e('Backup your database', 'aiowpsecurity');
?>
</a></li>
<li><a href="admin.php?page=aiowpsec_settings&tab=tab2" target="_blank"><?php
_e('Backup .htaccess file', 'aiowpsecurity');
?>
</a></li>
<li><a href="admin.php?page=aiowpsec_settings&tab=tab3" target="_blank"><?php
_e('Backup wp-config.php file', 'aiowpsecurity');
?>
</a></li>
</ul>
</p>
</div></div>
<div class="postbox">
<h3><label for="title"><?php
_e('Disable Security Features', 'aiowpsecurity');
?>
</label></h3>
<div class="inside">
<form method="post" action="<?php
echo $_SERVER["REQUEST_URI"];
?>
">
<?php
wp_nonce_field('aiowpsec-disable-all-features');
?>
<div class="aio_blue_box">
<?php
echo '<p>' . __('If you think that some plugin functionality on your site is broken due to a security feature you enabled in this plugin, then use the following option to turn off all the security features of this plugin.', 'aiowpsecurity') . '</p>';
?>
</div>
<div class="submit">
<input type="submit" class="button" name="aiowpsec_disable_all_features" value="<?php
_e('Disable All Security Features');
?>
" />
</div>
</form>
</div></div>
<div class="postbox">
<h3><label for="title"><?php
_e('Disable All Firewall Rules', 'aiowpsecurity');
?>
</label></h3>
<div class="inside">
<form method="post" action="<?php
echo $_SERVER["REQUEST_URI"];
?>
">
<?php
wp_nonce_field('aiowpsec-disable-all-firewall-rules');
?>
<div class="aio_blue_box">
<?php
echo '<p>' . __('This feature will disable all firewall rules which are currently active in this plugin and it will also delete these rules from your .htacess file. Use it if you think one of the firewall rules is causing an issue on your site.', 'aiowpsecurity') . '</p>';
?>
</div>
<div class="submit">
<input type="submit" class="button" name="aiowpsec_disable_all_firewall_rules" value="<?php
_e('Disable All Firewall Rules');
?>
" />
</div>
</form>
</div></div>
<?php
}
